Sample viewer

vx.netlux.org/Virus.DOS.SillyOE.Scorn

Time	Syscall Op	Syscall Name
2018-12-17T22:53:02.996531056Z	44	PC: 12b5c \| Get time 0x12b5c: mov word ptr [0x1d0], dx 0x12b60: ret 0x12b61: push bx 0x12b62: mov cx, 0x100 0x12b65: call 0x22b3f 0x12b68: or dl, dl 0x12b6a: je 0x12b62 0x12b6c: mov byte ptr [0x33e], dl 0x12b70: mov di, 0x341 0x12b73: mov word ptr [0x33f], 0 0x12b79: mov word ptr [0x1d5], 5 0x12b7f: call 0x12c39 0x12b82: mov ax, 0x3bb9 0x12b85: stosw word ptr es:[di], ax 0x12b86: mov al, 2 0x12b88: stosb byte ptr es:[di], al 0x12b89: mov word ptr [0x1d5], 4 0x12b8f: call 0x12c39 0x12b92: mov cx, 6 0x12b95: call 0x22b3f
2018-12-17T22:53:02.999853167Z	78	PC: 12a52 \| Find first file
2018-12-17T22:53:03.005033639Z	42	PC: 12ab6 \| Get date 0x12ab6: cmp dl, 1 0x12ab9: jne 0x12ac4 0x12abb: mov ah, 9 0x12abd: mov dx, 0x18c 0x12ac0: int 0x21 0x12ac2: jmp 0x12ac2 0x12ac4: int 0 0x12ac6: sub ch, byte ptr [0x7865] 0x12aca: inc bp 0x12acb: add byte ptr [di + 0x6f], cl 0x12ace: jb 0x12b44 0x12ad0: pop es 0x12ad1: and byte ptr [bx + di + 0x75], ah 0x12ad4: pop es 0x12ad5: and byte ptr [bp + 0x4e], al 0x12ad8: and word ptr [bx], ax 0x12ada: pop es 0x12adb: pop es 0x12adc: or cl, byte ptr [di] 0x12ade: pop bx
2018-12-17T22:53:03.01157175Z	76	PC: 0 \| Terminate with return code (Return code = '0')

Time	Syscall Op	Syscall Name
2018-12-25T12:29:54.714070311Z	44	PC: 12b5c \| Get time 0x12b5c: mov word ptr [0x1d0], dx 0x12b60: ret 0x12b61: push bx 0x12b62: mov cx, 0x100 0x12b65: call 0x22b3f 0x12b68: or dl, dl 0x12b6a: je 0x12b62 0x12b6c: mov byte ptr [0x33e], dl 0x12b70: mov di, 0x341 0x12b73: mov word ptr [0x33f], 0 0x12b79: mov word ptr [0x1d5], 5 0x12b7f: call 0x12c39 0x12b82: mov ax, 0x3bb9 0x12b85: stosw word ptr es:[di], ax 0x12b86: mov al, 2 0x12b88: stosb byte ptr es:[di], al 0x12b89: mov word ptr [0x1d5], 4 0x12b8f: call 0x12c39 0x12b92: mov cx, 6 0x12b95: call 0x22b3f
2018-12-25T12:29:54.716849434Z	78	PC: 12a52 \| Find first file
2018-12-25T12:29:54.726921923Z	42	PC: 12ab6 \| Get date 0x12ab6: cmp dl, 1 0x12ab9: jne 0x12ac4 0x12abb: mov ah, 9 0x12abd: mov dx, 0x18c 0x12ac0: int 0x21 0x12ac2: jmp 0x12ac2 0x12ac4: int 0 0x12ac6: sub ch, byte ptr [0x7865] 0x12aca: inc bp 0x12acb: add byte ptr [di + 0x6f], cl 0x12ace: jb 0x12b44 0x12ad0: pop es 0x12ad1: and byte ptr [bx + di + 0x75], ah 0x12ad4: pop es 0x12ad5: and byte ptr [bp + 0x4e], al 0x12ad8: and word ptr [bx], ax 0x12ada: pop es 0x12adb: pop es 0x12adc: or cl, byte ptr [di] 0x12ade: pop bx
2018-12-25T12:29:54.729132418Z	9	PC: 12ac2 \| Display string (String= 'Mort au FN! [K�B] Scorn')

Time	Syscall Op	Syscall Name
2018-12-25T12:29:55.204531899Z	44	PC: 12b5c \| Get time 0x12b5c: mov word ptr [0x1d0], dx 0x12b60: ret 0x12b61: push bx 0x12b62: mov cx, 0x100 0x12b65: call 0x22b3f 0x12b68: or dl, dl 0x12b6a: je 0x12b62 0x12b6c: mov byte ptr [0x33e], dl 0x12b70: mov di, 0x341 0x12b73: mov word ptr [0x33f], 0 0x12b79: mov word ptr [0x1d5], 5 0x12b7f: call 0x12c39 0x12b82: mov ax, 0x3bb9 0x12b85: stosw word ptr es:[di], ax 0x12b86: mov al, 2 0x12b88: stosb byte ptr es:[di], al 0x12b89: mov word ptr [0x1d5], 4 0x12b8f: call 0x12c39 0x12b92: mov cx, 6 0x12b95: call 0x22b3f
2018-12-25T12:29:55.20710221Z	78	PC: 12a52 \| Find first file
2018-12-25T12:29:55.214787796Z	42	PC: 12ab6 \| Get date 0x12ab6: cmp dl, 1 0x12ab9: jne 0x12ac4 0x12abb: mov ah, 9 0x12abd: mov dx, 0x18c 0x12ac0: int 0x21 0x12ac2: jmp 0x12ac2 0x12ac4: int 0 0x12ac6: sub ch, byte ptr [0x7865] 0x12aca: inc bp 0x12acb: add byte ptr [di + 0x6f], cl 0x12ace: jb 0x12b44 0x12ad0: pop es 0x12ad1: and byte ptr [bx + di + 0x75], ah 0x12ad4: pop es 0x12ad5: and byte ptr [bp + 0x4e], al 0x12ad8: and word ptr [bx], ax 0x12ada: pop es 0x12adb: pop es 0x12adc: or cl, byte ptr [di] 0x12ade: pop bx
2018-12-25T12:29:55.221903408Z	76	PC: 0 \| Terminate with return code (Return code = '0')